]> git.proxmox.com Git - mirror_qemu.git/commit
projects / mirror_qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6c94b95) | patch
hw/i386/intel_iommu: Fix out-of-bounds access on guest IRT
authorJan Kiszka <jan.kiszka@siemens.com>
Tue, 10 Mar 2020 17:42:11 +0000 (18:42 +0100)
committerPaolo Bonzini <pbonzini@redhat.com>
Mon, 16 Mar 2020 22:02:22 +0000 (23:02 +0100)
commit3c507c26ecda8f072c80338592d7894543448fe4
tree4438a2dc484e7f8a4ba6ebfefff353ed937d5583tree
parent6c94b95274b7a602243f8ab5a9c3e54d4f5acc6bcommit | diff
hw/i386/intel_iommu: Fix out-of-bounds access on guest IRT

vtd_irte_get failed to check the index against the configured table
size, causing an out-of-bounds access on guest memory and potentially
misinterpreting the result.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Message-Id: <4b15b728-bdfe-3bbe-3a5c-ca3baeef3c5c@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
hw/i386/intel_iommu.c diff | blob | blame | history
QEMU mirror